• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1101
  • Last Modified:

Powershell Script

I have written a powershell script:
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentV ntersion\Winlogon" /v A /t REG_SZ /d 0 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Policies\System" /v DontDisplayLastUserName /t REG_SZ /d 1 /f
reg add "HKLM\System\CurrentControlSet\Services\LanManServer\Parameters" /v restrictnullsessaccess /t REG_SZ /d 1 / /t REG_DWORD /d 5 /f
reg add "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System" /v FilterAdministratorToken /t REG_SZ /d 1 /f
reg add "HKLM\Software\Policies\Microsoft\Windows\EventLog\Security" /v MaxSize /t REG_SZ /d 196608 /f
reg add "HKLM\Software\Policies\Microsoft\Windows\EventLog\system" /v MaxSize /t REG_SZ /d 32768 /f
reg add "HKLM\Software\Policies\Microsoft\Windows\EventLog\application" /v MaxSize /t REG_SZ /d 32768 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DisableCAD /t REG_SZ /d 1 /f
reg add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Policies\System" /v FilterAdministratorToken /t REG_SZ /d 1 /f
reg add "HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableUIADesktopToggle /t REG_SZ /d 1 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v ConsentPromptBehaviorAdmin /t REG_SZ /d 1 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersiosn\Policies\System" /v ConsentPromptBehaviorUser /t REG_SZ /d 1 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v EnableInstallerDetection /t REG_SZ /d 1 /f
reg add "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System" /v DontDisplayLasetUserName /t REG_SZ /d 1 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections /t REG_DWORD /d 0 /f
reg add "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v UserAuthentication /t REG_DWORD /d 0 /f
reg add "hklm\system\currentcontrolset\services\wsservice" /v start /t reg_dword /d 4 /f

I need to write another powershell script to verify if all above switches are being set.

  • 3
  • 2
1 Solution
QlemoBatchelor and DeveloperCommented:

Do you want a single result of true/false for the complete set of reg values?
zman2013Author Commented:
single result.

Become an IT Security Management Expert

In today’s fast-paced, digitally transformed world of business, the need to protect network data and ensure cloud privacy has never been greater. With a B.S. in Network Operations and Security, you can get the credentials it takes to become an IT security management expert.

QlemoBatchelor and DeveloperCommented:
This line
reg add "HKLM\System\CurrentControlSet\Services\LanManServer\Parameters" /v restrictnullsessaccess /t REG_SZ /d 1 / /t REG_DWORD /d 5 /f

Open in new window

is wrong, there is certainly another reg add missing here.
The first line is also wrong, but the correction is obvious.
QlemoBatchelor and DeveloperCommented:
Example code:
$regval = @'
Key, Name, Value
HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, A, 0
HKLM:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Policies\System, DontDisplayLastUserName, 1
HKLM:System\CurrentControlSet\Services\LanManServer\Parameters, restrictnullsessaccess, 1
HKLM:SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, FilterAdministratorToken, 1 
HKLM:Software\Policies\Microsoft\Windows\EventLog\Security, MaxSize, 196608
HKLM:Software\Policies\Microsoft\Windows\EventLog\system, MaxSize, 32768
HKLM:Software\Policies\Microsoft\Windows\EventLog\application, MaxSize, 32768
HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableCAD, 1
HKLM:Software\Policies\Microsoft\Windows\CurrentVersion\Policies\System, FilterAdministratorToken, 1
HKLM:Software\Policies\Microsoft\Windows\CurrentVersion\Policies\System, EnableUIADesktopToggle, 1
HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System, ConsentPromptBehaviorAdmin, 1
HKLM:Software\Microsoft\Windows\CurrentVersiosn\Policies\System, ConsentPromptBehaviorUser, 1
HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System, EnableInstallerDetection, 1
HKLM:Software\Microsoft\Windows\CurrentVersion\Policies\System, DontDisplayLasetUserName, 1
HKLM:SYSTEM\CurrentControlSet\Control\Terminal Server, fDenyTSConnections, 0
HKLM:SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp, UserAuthentication, 0
HKLM:system\currentcontrolset\services\wsservice, start, 4
'@ | ConvertFrom-Csv

foreach ($val in $regval)
  $ok = $false
  Get-Item $val.Key -ea SilentlyContinue |
    ? { $_.Property -eq $val.Name } |
    ? { (Get-ItemProperty $val.Key).$($val.Name) -eq $val.Value } | 
    % { $ok = $true }
  $val | Add-Member NoteProperty "ok" $ok -PassThru

Open in new window

This will show each key, valuename, value together with an "ok" column. A value is ok only if it is explicitely set, and has the same value.
zman2013Author Commented:
Thanks you so much.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now